Details of VAR-201812-0347

ID

VAR-201812-0347

CVE

CVE-2018-13816

TITLE

Siemens TIM 1531 IRC Authentication vulnerability

Trust: 0.8

sources: IVD: 7d8198c0-463f-11e9-b4e9-000c29342cb1 // CNVD: CNVD-2018-25424

DESCRIPTION

A vulnerability has been identified in TIM 1531 IRC (All version < V2.0). The devices was missing proper authentication on port 102/tcp, although configured. Successful exploitation requires an attacker to be able to send packets to port 102/tcp of the affected device. No user interaction and no user privileges are required to exploit the vulnerability. At the time of advisory publication no public exploitation of this vulnerability was known. TIM 1531 IRC Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Siemens TIM 1531 IRC is a communication module from Siemens AG, Germany. A security vulnerability exists in a version of the Siemens TIM 1531 IRC 2.0 that was caused by a device failing to authenticate properly when connecting on a 102/tcp port. This may aid in further attacks

Trust: 3.42

sources: NVD: CVE-2018-13816 // JVNDB: JVNDB-2018-014043 // CNVD: CNVD-2018-25397 // CNVD: CNVD-2018-25424 // BID: 106194 // IVD: 7d806041-463f-11e9-9db3-000c29342cb1 // IVD: 7d8198c0-463f-11e9-b4e9-000c29342cb1 // VULMON: CVE-2018-13816

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 1.6

sources: IVD: 7d806041-463f-11e9-9db3-000c29342cb1 // IVD: 7d8198c0-463f-11e9-b4e9-000c29342cb1 // CNVD: CNVD-2018-25397 // CNVD: CNVD-2018-25424

AFFECTED PRODUCTS

vendor:	siemens	model:	tim 1531 irc	scope:	lt	version:	2.0	Trust: 1.8
vendor:	siemens	model:	tim irc	scope:	eq	version:	1531<v2.0	Trust: 1.2
vendor:	tim 1531 irc	model:	-	scope:	eq	version:	*	Trust: 0.4
vendor:	siemens	model:	tim irc	scope:	eq	version:	15311.1	Trust: 0.3
vendor:	siemens	model:	tim irc	scope:	eq	version:	15311.0	Trust: 0.3
vendor:	siemens	model:	tim irc	scope:	ne	version:	15312.0	Trust: 0.3

sources: IVD: 7d806041-463f-11e9-9db3-000c29342cb1 // IVD: 7d8198c0-463f-11e9-b4e9-000c29342cb1 // CNVD: CNVD-2018-25397 // CNVD: CNVD-2018-25424 // BID: 106194 // JVNDB: JVNDB-2018-014043 // NVD: CVE-2018-13816

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-13816
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2018-13816
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2018-25397
value:	HIGH
Trust: 0.6
CNVD:	CNVD-2018-25424
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201812-646
value:	CRITICAL
Trust: 0.6
IVD:	7d806041-463f-11e9-9db3-000c29342cb1
value:	CRITICAL
Trust: 0.2
IVD:	7d8198c0-463f-11e9-b4e9-000c29342cb1
value:	CRITICAL
Trust: 0.2
VULMON:	CVE-2018-13816
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-13816
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2018-25397
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
CNVD:	CNVD-2018-25424
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	7d806041-463f-11e9-9db3-000c29342cb1
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	7d8198c0-463f-11e9-b4e9-000c29342cb1
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

nvd@nist.gov:	CVE-2018-13816
baseSeverity:	CRITICAL
baseScore:	10.0
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	6.0
version:	3.0
Trust: 1.8

sources: IVD: 7d806041-463f-11e9-9db3-000c29342cb1 // IVD: 7d8198c0-463f-11e9-b4e9-000c29342cb1 // CNVD: CNVD-2018-25397 // CNVD: CNVD-2018-25424 // VULMON: CVE-2018-13816 // JVNDB: JVNDB-2018-014043 // CNNVD: CNNVD-201812-646 // NVD: CVE-2018-13816

PROBLEMTYPE DATA

problemtype:	CWE-287	Trust: 1.8
problemtype:	CWE-284	Trust: 1.0

sources: JVNDB: JVNDB-2018-014043 // NVD: CVE-2018-13816

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201812-646

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201812-646

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-014043

PATCH

title:	SSA-982399	url:	https://cert-portal.siemens.com/productcert/pdf/ssa-982399.pdf	Trust: 0.8
title:	Siemens TIM 1531 IRC Certification Missing Vulnerability Patch	url:	https://www.cnvd.org.cn/patchInfo/show/147297	Trust: 0.6
title:	Patch for Siemens TIM 1531 IRC Authentication Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/147337	Trust: 0.6
title:	Siemens TIM 1531 IRC Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=87884	Trust: 0.6

sources: CNVD: CNVD-2018-25397 // CNVD: CNVD-2018-25424 // JVNDB: JVNDB-2018-014043 // CNNVD: CNNVD-201812-646

EXTERNAL IDS

db:	NVD	id:	CVE-2018-13816	Trust: 4.4
db:	SIEMENS	id:	SSA-982399	Trust: 3.2
db:	BID	id:	106194	Trust: 2.0
db:	CNNVD	id:	CNNVD-201812-646	Trust: 1.0
db:	ICS CERT	id:	ICSA-18-352-05	Trust: 0.9
db:	CNVD	id:	CNVD-2018-25397	Trust: 0.8
db:	CNVD	id:	CNVD-2018-25424	Trust: 0.8
db:	JVNDB	id:	JVNDB-2018-014043	Trust: 0.8
db:	IVD	id:	7D806041-463F-11E9-9DB3-000C29342CB1	Trust: 0.2
db:	IVD	id:	7D8198C0-463F-11E9-B4E9-000C29342CB1	Trust: 0.2
db:	VULMON	id:	CVE-2018-13816	Trust: 0.1

sources: IVD: 7d806041-463f-11e9-9db3-000c29342cb1 // IVD: 7d8198c0-463f-11e9-b4e9-000c29342cb1 // CNVD: CNVD-2018-25397 // CNVD: CNVD-2018-25424 // VULMON: CVE-2018-13816 // BID: 106194 // JVNDB: JVNDB-2018-014043 // CNNVD: CNNVD-201812-646 // NVD: CVE-2018-13816

REFERENCES

url:	https://cert-portal.siemens.com/productcert/pdf/ssa-982399.pdf	Trust: 3.2
url:	http://www.securityfocus.com/bid/106194	Trust: 1.8
url:	https://ics-cert.us-cert.gov/advisories/icsa-18-352-05	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-13816	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-13816	Trust: 0.8
url:	http://www.siemens.com/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/287.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: CNVD: CNVD-2018-25397 // CNVD: CNVD-2018-25424 // VULMON: CVE-2018-13816 // BID: 106194 // JVNDB: JVNDB-2018-014043 // CNNVD: CNNVD-201812-646 // NVD: CVE-2018-13816

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 106194

SOURCES

db:	IVD	id:	7d806041-463f-11e9-9db3-000c29342cb1
db:	IVD	id:	7d8198c0-463f-11e9-b4e9-000c29342cb1
db:	CNVD	id:	CNVD-2018-25397
db:	CNVD	id:	CNVD-2018-25424
db:	VULMON	id:	CVE-2018-13816
db:	BID	id:	106194
db:	JVNDB	id:	JVNDB-2018-014043
db:	CNNVD	id:	CNNVD-201812-646
db:	NVD	id:	CVE-2018-13816

LAST UPDATE DATE

2024-08-14T14:51:23.453000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-25397	date:	2018-12-14T00:00:00
db:	CNVD	id:	CNVD-2018-25424	date:	2018-12-14T00:00:00
db:	VULMON	id:	CVE-2018-13816	date:	2019-10-09T00:00:00
db:	BID	id:	106194	date:	2018-12-11T00:00:00
db:	JVNDB	id:	JVNDB-2018-014043	date:	2019-03-25T00:00:00
db:	CNNVD	id:	CNNVD-201812-646	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-13816	date:	2019-10-09T23:34:34.293

SOURCES RELEASE DATE

db:	IVD	id:	7d806041-463f-11e9-9db3-000c29342cb1	date:	2018-12-14T00:00:00
db:	IVD	id:	7d8198c0-463f-11e9-b4e9-000c29342cb1	date:	2018-12-14T00:00:00
db:	CNVD	id:	CNVD-2018-25397	date:	2018-12-14T00:00:00
db:	CNVD	id:	CNVD-2018-25424	date:	2018-12-14T00:00:00
db:	VULMON	id:	CVE-2018-13816	date:	2018-12-12T00:00:00
db:	BID	id:	106194	date:	2018-12-11T00:00:00
db:	JVNDB	id:	JVNDB-2018-014043	date:	2019-03-11T00:00:00
db:	CNNVD	id:	CNNVD-201812-646	date:	2018-12-13T00:00:00
db:	NVD	id:	CVE-2018-13816	date:	2018-12-12T16:29:00.747